Subject: Trouble setting up Windows / Linux cipe connection
From: "Martin Bene" <martin.bene,AT,icomedias,DOT,com>
Date: Thu, 31 Jan 2002 17:11:47 +0100

Hi, I'm trying to get the following config set up:
Roaming windows user (laptop, connects via dialup/adsl/whatever) needs to
connect to company internal lan.
What I'd like to set up:

company lan        cipe gw/int        cipe gw ext
192.168.33.0  ---  192.168.33.1  ---  1.2.3.4
                                         |
                                         |
                              w2k box, dynamic address
                              5.6.7.8
                              w2k cipe interface:
                              192.168.33.201

Basically I'd like to give the windows box an address from inside the company
lan; some problems however:
* W2K box doesn't have a fixed IP address
* W2K box is sometimes connected directly to the company internal lan.
* W2K box only needs the connections sometimes, not all the time (may be
connected behind dial-on demand router - don't want the cipe stuff to keep
the link up when not needed).
So, there's a bunch of questions how to best do this:
- can the local IP address be left empty / automatically acquired in cipe for
windows?
- since the cipe network adapter shows up as a normal (fixed) network
interface, how can I best enable/disable it? hint: when trying to disable the
interface in "network and dialup interfaces" I get a blue screen more often
than not; version used is 2.0-pre9.
Another question: when setting up with fixed addresses, the above doesn't
seem to work: I can ping the cipe gw over encrypted link, but no other hosts
(cipe gateway does proxy arp for w2k box). The problem is that packets for
other hosts on the company net aren't sent over the cipe tunnel from the w2k
machine; probably because the cipe tunnel doesn't show up as a point-to-point
interface.
So: is the configuration I'd like even possible or should I use completely
separate address space for the cipe tunnels?
Thanks for any hints,
Martin
PS: the above config works fine using poptop/pptp, only problem is that
there's quite a few situations where the remote connection for the w2k box
doesn't support/allow pptp protocol; plain UDP packets probably have a much
better chance of getting through, esp. if the connection goes through some
kind of NAT. Also, pptp security isn't all that great..